Integration with Palo Alto Firewalls
[ Edited ]
Adviser
Posts: 171
Registered: ‎09-09-2015
Adviser
Posts: 81

Infoblox Threat Intelligence Data Exchange (TIDE) leverages highly accurate machine-readable threat intelligence (MRTI) data to aggregate and selectively distribute data across a broad range of security infrastructure.

 

Palo Alto Firewalls can leverage Infoblox's threat intelligence and block access to malicious destinations by domain names, ip-addresses and URLs. 

 

The attached guide provides you step by step instruction how to load ActiveTrust IOCs on Palo Alto firewalls, meanwhile the guide assumes that you already have expirience with ActiveTrust TIDE REST API and doesn't cover how to retrive indicators from ActiveTrust TIDE. If you are not familiar with TIDE API, please read a quick start guide attached to this post.

 

Please keep in mind that Palo Alto firewalls support limited quantity indicators. Please refer PAN-OS Administrator's guide for details.

 

Vadim